Forum Discussion

GaryB_Reply's avatar
GaryB_Reply
Copper Contributor
Sep 27, 2022
Solved

Best Practice to handle duplicate SIEM log entries from MDCA and MDI

I'm looking to understand the best practice for handling potential duplicate SIEM log entries with MDI and MDCA enabled.   The MDCA documentation MDCA SIEM Integration suggests that duplicate entri...
  • Rod_Trent's avatar
    Rod_Trent
    Sep 27, 2022
    I can speak for the Sentinel side - yes, Sentinel has capability built-in to manage potential duplicate alerts. Plus, the Defender alerts are free for Sentinel customers.
Rod_Trent's avatar
Rod_Trent
Icon for Microsoft rankMicrosoft
Sep 27, 2022
I can speak for the Sentinel side - yes, Sentinel has capability built-in to manage potential duplicate alerts. Plus, the Defender alerts are free for Sentinel customers.

Resources